Fix SQLi in admin and members reports/edit controllers #645
* Previously the incident id was not sanitized before being used in
  the geometry query.
rjmackay committed Jul 1, 2012
1 parent 3438eb8 commit 3f14fa0
Showing 2 changed files with 4 additions and 4 deletions.
4 changes: 2 additions & 2 deletions application/controllers/admin/reports.php
Expand Up @@ -707,8 +707,8 @@ public function edit($id = FALSE, $saved = FALSE)
$sql = "SELECT AsText(geometry) as geometry, geometry_label,
geometry_comment, geometry_color, geometry_strokewidth
FROM ".Kohana::config('database.default.table_prefix')."geometry
WHERE incident_id=".$id;
$query = $db->query($sql);
WHERE incident_id = ?";
$query = $db->query($sql, $id);
foreach ( $query as $item )
{
$geometry = array(
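Review bot: The bound `$id` is still never checked to be an integer before it reaches `$db->query($sql, $id)`; with `$id = FALSE` as the default in the `edit()` signature shown in the hunk header, a request without an id hits the geometry lookup with a false/empty value, so an explicit `$id = (int) $id;` or a bail-out before the `$sql` line would make the intent clear rather than relying on how the binding layer renders a boolean. If I read Kohana 2.x correctly, the `?` placeholder in `Database::query()` is expanded client-side by escaping the extra arguments rather than by a server-side prepared statement, which does close the injection here but deserves a comment such as `// ? is escaped client-side by Database::compile_binds(), not a server-side prepare` so nobody later assumes stronger semantics. These same lines are duplicated verbatim in application/controllers/members/reports.php; a shared model method for the geometry lookup would keep both copies fixed together. edit() starts and ends outside the hunk, so any earlier validation of `$id` is not visible here.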
4 changes: 2 additions & 2 deletions application/controllers/members/reports.php
Expand Up @@ -496,8 +496,8 @@ public function edit($id = FALSE, $saved = FALSE)
$sql = "SELECT AsText(geometry) as geometry, geometry_label,
geometry_comment, geometry_color, geometry_strokewidth
FROM ".Kohana::config('database.default.table_prefix')."geometry
WHERE incident_id=".$id;
$query = $db->query($sql);
WHERE incident_id = ?";
$query = $db->query($sql, $id);
foreach ( $query as $item )
{
$geometry = array(

